Recent content by wholmer

Its working. I had to change PC2s translation to static. Thanks for pointing me in the right direction!

The PC1 is now on the DMZ and traslated to the outside. It can see PC2 and PC2 can see PC1. PC1 can get to the internet but PC2 can not get to the internet.

LloydSev is right. It dawned on me when I drew it out that I need to put PC1 on the dmz and translate to the outside. I have them doing that now. When your not on site its hard to see the packets through the wires.

Thats right. We don't have any outside access when the default gateway is set to the respective PIX interfaces. PC1 on the outside interface can not get out with the default gateway set for the pix outside interface. PC2 on the inside network can not get out with the default gateway set for the...

Yes forward and reverse dns is working, we can ping by name or ip. Both pcs in the inside and outside subnets are dns servers. nslookup works on both. Both are pointing to their respective PIX interfaces as the default gateways. I have not tried the PIX itself pinging out. If the PCs set the...

dopehead summed it up right. The plan does not work. Now I reset the network with internal ips on the inside 172.16.5.1 and the DMZ with 192.168.2.1 and the outside is the regesterd ips. I also upgraded to ver 6.3(4)and I am nating with the outside devided into 2 pools. The inside can see the...

I just talked to a CISCO rep and he said ...... Not to change the outside router to .192 because then it would only send through the 1st subnet. Then I would have to add statics for the other subnets. So I should leave the router at 255.255.255.0 The config is right for permitting all computers...

By the way it is not using nat.

Nope, no vlans. The router has 192.168.1.1/255.255.255.0 (not real IP) and the computers using 192.168.1.70 or .11 and mask 198.120.42.192 on both computers.

Correction, The DNS on computer 1 is .11

I have a class C network with a single outside CISCO 2600 router with inside interface 192.168.1.1 255.255.255.0 Not real IP. I added a PIX 515 with the network subnetted .192 on each interface. Outside 192.168.1.2 .255.255.255.192 Inside 192.168.1.65 .255.255.255.192 DMZ...

Thank you lgarner for clearing this up for me.

Right now it looks like I have everything going through the VPN to the Main_Office PIX. Of course in the lab the remote setup could not get to the internet anyway. access-list inside_outbound_nat0_acl permit ip any any access-list outside_cryptomap_20 permit ip any any nat (inside) 0...

Thanks for clearing that up. What do you think of the security issues involved?

Do you have an example for HTTP and FTP traffic?